Amendments to the Claims 

This listing of claims will replace all prior versions, and listings, of claims in the 
application: 

Listing of Claims: 

1. Canceled. 

2. (Currently amended) The method of claim 4 wherein said prov i d i ng granting 
step includes the step of comparing said second trust rating to a predetermined 
trust rating threshold and wherein said predetermined criteria comprises said 
predetermined trust rating threshold. 

3. Canceled. 

4. (Currently amended) A method for evaluating a set of credentials comprising at 
least one group credential in response to a request to access a resource, 
comprising: 

ascertaining at least one first trust rating explicitly included w ithin at least 
5 one of said credentials within said set of credentials including said group 

credential, wherein each of said first trust ratings i s assoc i at e d w i th represents 
a level of confidence in information being certified within the respective 
credential; 

in the event said set of credentials faros -comprises a plurality of 
10 certification paths having at least one credential in each of said paths, 

determining^ for each certification path of said plurality of certification paths A a 
respective third trust rating equal to the-ajowest first t rust rating in the 
credentials of the respective certification path; 

d e t e rm i n i ng in the event said set of credentials does not comprise a 
15 plurality of certification paths, setting a second trust rating for said set of 




credentials bas e d, at l e ast in part, upon an analysis of sa i d to a lowest first 
trust rating of the at least one first trust rating by ass i gn i ng s a i d s e cond trust 
rat i ng equa l to th e highest trust rat i ng of sa i d th i rd trust ratings; 

in the event said set of credentials comprises a plurality of certification 
20 paths, setting the second trust rating for said set of credentials to a highest third 

trust rating of said third trust ratings; and 

granting access to the resource in the event said second trust rating 
satisfies predetermined criteria. 

Claims 5 - 7: Canceled 

8. (Currently amended) The method of claim 4 c l a i m 7 wherein said resource 
comprises a file on a file server. 

9. (Currently amended) The method of claim 4 c l a i m 7 wherein said resource 
comprises a web page. 

10. (Currently amended) The method of claim 4 c l a i m 7 wherein said resource 
comprises a secure area. 

1 1 . (Currently amended) The method of c l a i m 7 claim 4 wherein said resource 
comprises a database. 

12. (Previously Presented) The method of claim 4 wherein said ascertaining step 
further includes the step of obtaining an identity credential trust rating 
associated with an identity credential within said certification path. 

13. (Canceled) 

14. (Previously Presented) The system of claim 16 wherein said access control 
program further includes program code for comparing said second trust rating 
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to a predetermined trust rating threshold and wherein said predetermined 
criteria comprises said predetermined trust rating threshold. 

(Canceled). 

(Currently amended) A system for evaluating a set of credentials including at 
least one group credential in response to a request to access a resource, 
comprising: 

a memory containing an access control program; and 

a processor operative to execute said access control program; 

said access control program comprising: 

program code for ascertaining at least one first trust rating 
explicitly included within at least one of said credentials within said set of 
credentials including said group credential, wherein each of said first 
trust ratings is associat e d w i th represents a level of confidence in 
information being certified within the respective credential; 

program code operative,, in the event said set of credentials forms 
comprises plural certification paths A for determining for each certification 
path of said plural certification paths A a respective third trust rating equal 
to tbe-ajowest first trust rating in the credentials w i th i n of the respective 
certification path; 

program code for d e t e rmin i ng setting, in the event said set of 
credentials does not comprise a plurality of certification paths, a second 
trust rating for said set of credentials bas e d, at l oast i n part, upon an 
ana l ys i s of sa i d to a lowest first trust rating of the at least one first trust 
rat i ng by ass i gning said second trust rating equal to th e h i gh e st trust 
rating of sa i d th i rd trust ratings; 

program code for setting, in the event said set of credentials 
comprises a plurality of certification paths, the second trust rating for said 
set of credentials to a highest third trust rating of said third trust ratings; 
and 



program code for granting access to the resource in the event 
said second trust rating satisfies predetermined criteria. 

(Canceled). 

(Currently amended) A computer program product including a computer 
readable medium, said computer readable medium having an access control 
program stored thereon, said access control program for execution on a 
processor and operable in response to a request to access a resource, 
comprising: 

program code for ascertaining at least one first trust rating explicitly 
included within at least one credential within a set of credentials including a 
group credential, wherein each of said first trust ratings represents i s assoc i at e d 
with a level of confidence in information being certified within the respective 
credential; 

program code operative^ in the event said set of credentials forms a 
plwal -pluralitv of certification paths A for determining for each certification path of 
said ptwat- pluralitv of certification paths,, a respective third trust rating equal to 
the-ajowest first trust rating in the credentials withifhof the respective 
certification path; 

program code for d e t e rmin i ng setting, in the event said set of credentials 
does not comprise a plurality of certification paths, a second trust rating for said 
set of credentials bas e d, at le ast i n part, upon an ana l ysis of said to a lowest 
first trust rating of the at least one first trust rat i ng by assign i ng sa i d s e cond 
trust rating e qua l to th e h i gh e st trust rat i ng of said third trust ratings; 

program code for setting, in the event said set of credentials comprises a 
plurality of certification paths, the second trust rating for said set of credentials 
to a highest third trust rating of said third trust ratings; and 

program code for granting access to the resource in the event said 
second trust rating satisfies predetermined criteria. 



(Currently amended) A computer data signal embodied in a carrier wave for 
transmission to a computer, said computer data signal including a computer 
program executable by the computer for use in evaluating a set of credentials in 
response to a request to access a resource, said computer program 
comprising: 

program code for ascertaining at least one first trust rating explicitly 
included w ithin at least one credential within said set of credentials, wherein 
said set of credentials includes a group credential and wherein each of said first 
trust ratings i s associat e d with represents a level of confidence in information 
being certified within the respective credential; 

program code operative,, in the event said set of credentials forms 
comprises plural certification paths A for determining for each certification path of 
said plural certification paths A a respective third trust rating equal to tbe-ajowest 
first trust rating in the credentials wittw^of the respective certification path; 

program code for d e t e rm i n i ng setting, in the event said set of credentials 
does not comprise plural certification paths, a second trust rating for said set of 
credentials bas e d, at le ast i n p a rt, upon an ana l ys i s of said to a lowest first trust 
rating of the at least one first trust rat i ng by ass i gning sa i d s e cond trust rat i ng 
e qua l to th e h i gh e st trust rating of sa i d th i rd trust ratings; 

program code for setting, in the event said set of credentials comprises 
plural certification paths, the second trust rating for said set of credentials to a 
highest third trust rating of said third trust ratings; and 

program code for granting access to the resource in the event said 
second trust rating satisfies predetermined criteria. 

(Currently amended) A system for evaluating a set of credentials including at 
least one group credential in response to a request to access a resource, 
comprising: 

means for storing an access control program; and 
means for executing said access control program out of said storing 
means, said access control program including: 



program code for ascertaining at least one first trust rating 
explicitly included within at least one of said credentials within said set of 
credentials including said group credential, wherein each of said first 
trust ratings i s assoc i at e d w i th represents a level of confidence in 
information being certified within the respective credential; 

program code operative A in the event said set of credentials forms 
comprises plural certification paths A for determining for each certification 
path of said plural certification paths A a respective third trust rating equal 
to the-ajowest first trust rating in the credentials w i thin ofthe respective 
certification path; 

program code for d e t e rm i n i ng setting, in the event said set of 
credentials does not comprise plural certification paths, a second trust 
rating for said set of credentials bas e d, at loast in part, upon an ana l ys i s 
ef-said -to a lowest first trust rating of the at least one first trust rat i ng by 
ass i gn i ng sa i d s e cond trust rat i ng e qual to th e h i gh e st trust rat i ng of sa i d 

program code for setting, in the event said set of credentials 
comprises plural certification paths, the second trust rating for said set of 
credentials to a highest third trust rating of said third trust ratings; and 

program code for granting access to the resource in the event 
said second trust rating satisfies predetermined criteria. 

(Currently amended) A method for evaluating a set of credentials comprising at 
least one group credential in response to a request to access a resource, 
comprising: 

ascertaining at least one first trust rating explicitly included within at least 
one of said credentials within said set of credentials including said group 
credential, wherein each of said first trust ratings i s associated w i th represents 
a level of confidence in information being certified within the respective 
credential; 



in the event said set of credentials fefms -comprises plural certification 
paths, determining^ for each certification path of said plural certification paths A a 
respective third trust rating equal to tbe-ajowest first trust rating in the 
credentials withtfHrfttie respective certification path; 

in the event said set of credentials does not comprise plural certification 
paths, setting d e t e rm i n i ng a second trust rating for said set of credentials 
bas e d, at le ast i n part, upon an ana l ysis of said t o a lowest first trust rating of 
the at least one first trust rating by ass i gn i ng sa i d s e cond trust rat i ng e qua l to 
th e h i gh e st trust rat i ng of sa i d th i rd trust ratings; 

in the event said set of credentials comprises plural certification paths, 
setting the second trust rating for said set of credentials to a highest third trust 
rating of said third trust ratings; and 

storing said second trust rating for subsequent use in determining 
whether to grant access to the resource. 

(Original) The method of claim 21 further including the step of inserting said 
second trust rating stored in said storing step in another group credential. 
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